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DETAILED ACTION 

Information Disclosure Statement 

1 . The information disclosure statement filed 8/6/2003 fails to comply with the 
provisions of 37 CFR 1.97, 1.98 and MPEP § 609 because the citation for the reference 
Simplifying Network Administration using Policy based Management lacks the date of 
publication and a listing of relevant pages. It has been placed in the application file, but 
the information referred to therein has not been considered as to the merits. Applicant 
is advised that the date of any re-submission of any item of information contained in this 
information disclosure statement or the submission of any missing element(s) will be the 
date of submission for purposes of determining compliance with the requirements based 
on the time of filing the statement, including all certification requirements for statements 
under 37 CFR 1 .97(e). See MPEP § 609.05(a). 

Specification 

2. The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1 75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: the term "machine readable storage" recited in claims 11-18 
lacks antecedent basis in the specification. 
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Claim Rejections - 35 USC § 101 

1. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

2. Claim 9-10 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

3. Regarding claim 9, the elements "an administration policy" and "an exit routine" 
refer to software per se. Furthermore, applicant's specification defines "components" as 
including "application components" and "software resources" (see paragraph [0017]). 
Therefore, applicant's specification provides evidence that the element "a policy 
evaluation component" is also intended to encompass software per se. In the absence 
of a structurally and functionally interrelated computer-readable medium, software per 
se is not statutory subject matter. See MPEP §21 06.01 . 

4. Regarding claim 10, the element "a rules engine" refers to software perse, and is 
rejected for the reasons above. 

Claim Rejections - 35 USC §112 



5. 



The following is a quotation of the second paragraph of 35 U.S.C. 112: 
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The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

6. Claims 6 and 16 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

7. Where applicant acts as his or her own lexicographer to specifically define a term 
of a claim contrary to its ordinary meaning, the written description must clearly redefine 
the claim term and set forth the uncommon definition so as to put one reasonably skilled 
in the art on notice that the applicant intended to so redefine that claim term. Process 
Control Corp. v. HydReclaim Corp., 190 F.3d 1350, 1357, 52 USPQ2d 1029, 1033 (Fed. 
Cir. 1999). The term "autonomically" in claims 6 and 16 is used by the claim to mean 
"without the manual intervention of a human operator", while the accepted meaning is 
"in a manner related to the portion of the vertebrate nervous system that governs 
involuntary actions." The term is indefinite because the specification does not clearly 
redefine the term. 

8. For the purposes of this action, the term "autonomically" will be interpreted to 
mean "without the manual intervention of a human operator." 



Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 



(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 



Application/Control Number: 10/635,586 
Art Unit: 2142 



Page 5 



the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 1-2, 9, and 11-12 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Lortz (US PGPUB 2003/0018786) in view of Hopmann et al. .(US Pat. 
No. 6,499,031, hereinafter "Hopmann"). 

11. As to claims 1 and 1 1 , Lortz shows a systems administration policy enforcement 
method, and a machine readable storage having stored thereon a program for causing 
a machine to perform such a method (inherent to any computer-implemented system), 
comprising: responsive to a request to perform an administrative task (comprising a 
resource request, which can include administrative tasks such as editing: see [0021]) 
directed to a resource (resource device 14) within a computing network (network 16), 
retrieving an administration policy comprising a set of rules for governing said 
administrative task (the policy comprising policy data and the rules comprising access 
control entries: see [0019] and [0044]-[0045]), and permitting said administrative task 
only if a set of rules in said retrieved policy are satisfied (see step 310 in Fig. 4C and 
[0045]). 

12. Lortz does not show retrieving state data for a resource and applying a policy to 
retrieved state data. Hopmann shows retrieving state data (comprising whether or not a 
resource is locked) for a resource and applying a policy to retrieved state data (the 
policy being that a resource is only available if it does not have a lock token: see lines 7- 
9 of col. 1 and col. 8, line 65 to col.' 9, line 2). It would have been obvious to one of 
ordinary skill in the art at the time of the invention to modify the invention of Lortz with 
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the evaluation of state data as taught by Hopmann in order to prevent administrative 
task requests from overwriting one another (see Hopmann, col. 2, lines 14-18). 

1 3. As to claims 2 and 12, Lortz in view of Hopmann shows the limitations of claims 1 
and 1 1 as applied above, and Lortz further shows providing a user interface for 
establishing said set of rules for said administration policy (see lines 7-10 of [0031]); 
and storing said administration policy for subsequent retrieval in said retrieving step 
(see lines 1-5 of [0035]). 

14. As to claim 9, Lortz shows a system administration policy enforcement system 
comprising: an administration policy comprising a set of rules for permitting and 
disallowing administration of resources in a system hosting a plurality of interdependent 
resources (the policy comprising policy data and the rules comprising access control 
entries: see [0019] and [0044]-[0045]); a policy evaluation component configured to 
determine whether rules in said administration policy are satisfied (comprising the 
component which determines whether or not to grant a client access, as described in 
[0045]); and an exit routine coupled to a resource in said network, said exit routine 
having logic for forwarding requests to administer said resource to said policy evaluation 
component (the exit routine comprising the component which receives the resource 
request and initiates the evaluation process: see [0044]). 

15. Lortz does not show the policy evaluation component configured to retrieve 
resource state data and determine whether said retrieved resource data satisfies rules 
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in said administration policy. Hopmann shows retrieving resource state data (comprising 
whether or not a resource is locked ) and determining whether said retrieved resource 
state data satisfies rules in an administration policy (the policy being that a resource is 
only available if it does not have a lock token: see lines 7-9 of col. 1 and col. 8, line 65 
to col. 9, line 2). It would have been obvious to one of ordinary skill in the art at the time 
of the invention to modify the invention of Lortz with the evaluation of state data as 
taught by Hopmann in order to prevent administrative task requests from overwriting 
one another (see Hopmann, col. 2, lines 14-18). 

16. Claims 3 and 1 3 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Lortz (US PGPUB 2003/0018786) in view of Hopmann (US Pat. No. 6,499,031), and 
further in view of Bell et al. (US Pat. No. 6,880,005, hereinafter "Bell"). 

17. Lortz in view of Hopmann shows the limitations of claim 1 as applied above, and 
additionally shows permitting an administrative task only if information satisfies a set of 
rules in a retrieved policy (see Lortz, [0045]). Lortz in view of Hopmann does not show 
retrieving environmental information, or permitting the administrative task where the 
information is environmental information. 

1 8. Bell shows retrieving environmental information for a computing network (the 
information comprising the current weekday, and the retrieving being inherent to 
evaluating a policy which dictates that information can only be accessed during 
specified days of the week: see col. 3, lines 27-30 and col. 2, lines 16-20). Bell further 
shows permitting an administrative task only if the environmental data satisfies a set of 
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rules in a policy (see col. 3, lines 27-30). It would have been obvious to one of ordinary 
skill in the art at the time of the invention to further modify the invention of Lortz in view 
of Hopmann with the environmental data and policy evaluation of Bell in order to ensure 
that administrative tasks are allowed to occur only during specified times. 

19. Claims 4-7 and 14-17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Lortz (US PGPUB 2003/0018786) in view of Hopmann (US Pat. No. 6,499,031), 
and further in view of Burns et al. (US PGPUB 2003/0014644, hereinafter "Burns"). 

20. As to claims 4 and 14, Lortz in view of Hopmann show the limitations of claims 1 
and 1 1 as applied above, and show retrieving state data for said resource as applied 
above, but do not show retrieving state data for other related resources in said 
computing network. 

21 . Burns shows retrieving state data for other related resources in a computing 
network (see [0038]). It would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify the invention of Lortz in view of Hopmann with the state 
retrieval of Burns in order to ensure that all the relevant network policies are upheld 
(see Burns, lines 9-13 of [0038]). 

22. As to claims 5 and 15, Lortz in view of Hopmann show the limitations of claims 1 
and 1 1 as applied above, and further show disallowing said administrative task if said 
further retrieved state data fails to satisfy said set of rules in said retrieved policy (see 
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step 310 of Lurtz), but do not show identifying a related resource having a related 
resource state giving rise to said state data for said resource failing to satisfy said set of 
rules in said retrieved policy; requesting remediation of said related resource state so 
that said related resource state satisfies said set of rules in said retrieved policy; and 
further permitting said administrative task subsequent to a remediation of said related 
resource state. 

23. Burns shows identifying a related resource having a related resource state giving 
rise to state data for a resource failing to satisfy a set of rules in a retrieved policy (see 
lines 1-9 of [0039] and lines 6-10 of [0044]); and requesting remediation of said related 
resource state so that said related resource state satisfies said set of rules in said 
retrieved policy (see [0044]-[0045]). It would have been obvious to one of ordinary skill 
in the art at the time of the invention to further modify the invention of Lortz in view of 
Hopmann with the identification and remediation system of Burns in order to ensure 
security policies are upheld even when the state of the network and its components 
change (see Burns, [0011]). 

24. It is noted that the method of Lortz in view of Hopmann and Burns would permit 
said administrative task subsequent to a remediation of said related resource state, as 
the system would have no reason to disallow the task if the related resource state were 
remediated. 
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25. As to claims 6 and 16, it is noted that the steps of disallowing, identifying, 
requesting, and further permitting are performed autonomically; that is, without the 
invention of a human operator. 

26. As to claims 7 and 17, it is noted that the steps of disallowing, identifying, 
requesting, and further permitting as applied above are performed recursively for each 
related resource whose state gives rise to a failure of said resource to satisfy said 
retrieved policy (see Bums, [0045]). 

27. Claims 8 and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Lortz (US PGPUB 2003/0018786) in view of Hopmann (US Pat. No. 6,499,031), and 
further in view of Hall (US Pat. No. 5,930,479). 

28. Lortz in view of Hopmann show the limitations of claims 1 and 1 1 as applied 
above, and further show inserting an exit routine in an administrative interface of said 
resource (the exit routine comprising the component which receives the resource 
request and initiates the evaluation process, and the administrative interface being the 
necessary interface through which the client requests the resource: see [0044]), said 
exit routine having a configuration for forwarding requests to administer said resource to 
a policy evaluation component programmed to perform said steps of retrieving, further 
retrieving, applying, permitting (the forwarding being necessary to initiate the request to 
the policy manager and evaluate the received policy data: see [0044]-[0045]), but do not 
show that the administrative interface is an administrative console. 
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29. Hall shows an administrative interface comprising an administrative console (see 
Fig. 1 1 and lines 39-58 of col. 16). It would have been obvious to one of ordinary skill in 
the art at the time of the invention to modify the invention of Lortz in view of Hopmann 
with the administrative console of Hall in order to provide a familiar interface through 
which clients may make task requests (see lines 53-56 of col. 16). 

30. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lortz 
(US PGPUB 2003/0018786) in view of Hopmann (US Pat. No. 6,499,031), and further in 
view of Krumel (US PGPUB 2002/0083331 ). 

31. Lortz in view of Hopmann show the limitations of claim 9 as applied above, but 
do not show a rules engine coupled to said policy evaluation component and configured 
to retrieve said set of rules on behalf of said policy evaluation component. Krumel 
shows a rules engine configured to retrieve rules (see lines 5-8 of [0096]). It would have 
been obvious to one of ordinary skill in the art to modify the invention of Lortz in view of 
Hopmann with the rules engine of Krumel in order to speed development by using pre- 
existing software products to perform the rule retrieval. See also paragraph [0023] of 
applicant's specification, which explains that rules engines are well-known in the art. 

Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher D. Biagini whose telephone number is (571) 
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272- 9743. The examiner can normally be reached on M-R 7:30-5, 7:30-4 alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on (571) 272-3868. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Christopher Biagini 
(571)272-3868 



ANDREW CALDWELL 
SUPERVISORY PATENT EXAMINER 



